Privacy and Civil Liberties in the Digital Age

Last year, a researcher discovered that iPhones — among the world’s most popular electronic devices — were storing detailed, unencrypted information on their owners’ locations and uploading it to any computer they were connected to. Subsequent research revealed that both Apple iPhones and Google Android devices were sending detailed location information back to Apple and Google — and that in some cases, users didn’t know about it and even if they did, they had no way of stopping it.

Just a few months ago, another researcher discovered that software made by a company called Carrier IQ had been secretly installed on millions of smartphones and was tracking consumers’ locations and other private information. In both cases, millions of consumers who were carrying smartphones in their pockets had no idea that their personal information was being collected — and no way of stopping it.

When people talked about protecting their privacy when I was growing up, they were talking about protecting it from the government. They talked about unreasonable searches and seizures, about keeping the government out of their bedrooms. They talked about whether the government was trying to keep tabs on the books they read or the rallies they attended. Over the last 40 or 50 years, we’ve seen a fundamental shift in who has our information and what they’re doing with it. That’s not to say that we still shouldn’t be worried about protecting ourselves from government abuses. But now, we also have relationships with large corporations that are obtaining, storing — and in many cases, sharing (and selling) — enormous amounts of our personal information.

When the Constitution was written, the founders had no way of anticipating the new technologies that would evolve in the coming centuries. They had no way of anticipating the telephone, and so the Supreme Court ruled over 40 years ago, in Katz v. United States, that a wiretap constitutes a search under the Fourth Amendment. The founders had no idea that one day the police would be able to remotely track your movements through a GPS device, and so the Supreme Court ruled in January, in United States v. Jones, that this was also a search that required court approval.

All of this is a good thing: Our laws need to reflect the evolution of technology and the changing expectations of American society. This is why the Constitution is often called a “living” document.

But we have a long way to go to get our modern privacy laws in line with modern technology.

Between our wireless phone company, the company that we use for e-mail, our smartphone company and the companies that provide the apps on our phones, there exists a detailed, expansive record of everywhere we’ve been, every website we’ve visited and everyone we’ve called, e-mailed and texted and what we’ve said — often going back years and years.

In many if not most cases, these companies are legally free to share this information with whomever they want. And in most cases, people have no idea that this is happening. This all amounts to a really big deal.

Last week, the White House released a privacy “white paper” and called for the passage of a Consumer Privacy Bill of Rights. I was glad to see that President Obama believes, as I do, that our right to privacy is exactly that — a right, not a luxury. We need to work hard to make sure that right is a reality, and that’s an important part of what I do in the U.S. Senate.

Last year, I was named the chairman of the Judiciary Subcommittee on Privacy, Technology & the Law. It’s my job to help make sure that Americans can use technology without unknowingly compromising their personal privacy or even their safety, which is why when I heard that Apple was storing private location information, I brought them and Google in front of my subcommittee to get the full story.

I questioned these companies’ representatives and heard from leading privacy experts and administration officials in order to fully understand how these mobile companies were using their customers’ private information. In the same way, the moment I learned about CarrierIQ, I immediately pressed that company — and the major wireless companies that used it — for answers.

It’s important to understand that these are not just esoteric “tech” issues or abstract principles about privacy. Breaches of our data can have a profound impact on our lives. Almost immediately after I announced my investigation into mobile tracking, I got a call from the Minnesota Coalition for Battered Women (MCBW). They told me that mobile technology was being exploited by abusers and stalkers who were using the privacy vulnerabilities in smartphones to secretly track their victims.

The MCBW submitted the testimony of an abused woman in Minnesota who tried to go to a local courthouse to get help, but not five minutes after she got there, she got a text from her abuser telling her he knew exactly where she was. I also learned that there are actually “stalking apps” that are designed and marketed to help intimate partners stalk their victims and track their movements and communications.

Location tracking isn’t just a problem in theory — it’s a real problem with real consequences. Based on the expert testimony I heard during my hearing, I concluded that our laws do too little to protect the private information stored on our mobile devices. I introduced the Location Privacy Protection Act to close loopholes in federal law and ensure that consumers have control over their private location data.

Technology is an incredible tool — it connects people to each other, creates jobs all over the world, and makes life easier for millions of Americans. Today’s consumers are able to take advantage of incredible services — like those provided by Google — at no cost, simply by sharing some of their information and viewing some targeted advertising. It’s an incredibly innovative business model, but it’s important that we balance the benefits of technology with the privacy concerns of consumers.

We need to make sure that our laws keep pace with technology so that Americans have control over their private, personal information. I’m going to keep pushing my colleagues and the administration to move my legislation forward and do whatever it takes to protect American consumers.

I’m also going to make sure that whatever legislation comes across my Senate desk strikes the right balance between promoting technology and protecting our fundamental right to privacy.

Photo: A map of location data stored in an unencrypted file on the iPhone of a Wired.com reporter, April 22, 2011